import 'server-only';

import { JSDOM } from 'jsdom';
import DOMPurify from 'dompurify';

const window = new JSDOM('').window;
const purify = DOMPurify(window);

/** 净化 HTML 并防止 XSS 攻击(服务端)
 * https://www.npmjs.com/package/dompurify
 */
export const sanitizeServer = (domString: string) =>
  purify.sanitize(domString, { USE_PROFILES: { html: true } });
